Authorization Service/Agent/App

[elf-pavlik]

Over the last few years, we can see a common direction independently emerging in different solid-based efforts.

A dedicated party focus and responsible for setting access policies.

One of the examples, which I'm the most familiar with by co-editing the spec and maintaining the typescript implementation, is SAI Authorization Agent.

Another example is Inrupt's Access Grant Service

Yet another example is LauncherApp

I also believe that SolidOS provides some additional authorization features, for example, special treatment when setting access to all the contacts in a contact group.

Since Authorization often depends on the user's social graph, the party responsible for authorization has often full access to that social graph. For example in SAI, a regular app can't set any access policies but it can redirect the user to their authorization agent indicating the resource they would like to share.

SAI's Agent Registry is fully managed by the Authorization Agent. Most interactions between two social agents depend on them having established reciprocal Social Agent Registrations.

---

@michielbdejong: Great! I also just remembered https://github.com/inrupt/launcher-exploration which was the basis for https://github.com/pdsinterop/solid-nextcloud/tree/main/solid/templates/applauncher IIRC
And #135 (comment)
And solid/authorization-panel#47

[elf-pavlik]

The meetings is scheduled for 2023-12-12 #555

[elf-pavlik]

Notes from 2023-12-12

Present

• elf Pavlik
• Michiel de Jong
• Gordana Halavanja
• Rahul Gupta
• Arne Hassel
• Sarven Capadisli

Launcher App

• https://github.com/solid/authorization-panel/blob/main/proposals/LauncherApp.md
• https://github.com/bblfish/LauncherApp
• https://github.com/co-operating-systems/solid-control (current)
• https://twitter.com/bblfish/status/1666547828506742788 (see video/demo, re-recorded after Solid CG meeting demo)
• https://github.com/co-operating-systems/Reactive-SoLiD
• https://github.com/bblfish/SolidCtrlApp
• https://solid.github.io/httpsig/
• https://github.com/megoth/solid-app-browser-extension (Arne's "App Launcher" - work in progress)
• also related: https://github.com/megoth/ldo-solid-app-manifest (also work in progress)
• Started some work on vocabulary at https://github.com/megoth/ldo-solid-app-manifest/blob/main/ontology.ttl (don't have anything on authorization though - and it's very web-oriented)

Silvan, Benoit and Daniel plan to work on it.
Henry has already implemented the Linked Data event streams.

Solid Wallet was re-naming for proposa/funding purposes, essentially nothing different but the very idea of the LauncherApp.

---

Arne woked on
Cross browser extension

What runs on user device(s) and what on the server somewhere in the cloud?

There is also a server side, not only the client in the browser. It is considered the first app you get, just as your WebID and pod. It launches all the other apps and manages them. It manages the apps and stores the credentials.

European Identiy Framework, blockchain based.

Can be client-server or server-server communication.

One potential use of HttpSig in the context of Notifications Protocol:

• https://solid.github.io/notifications/ldn-channel-2023
• Authentication: exchanging public keys, signing messages notifications#148

Launcher App Exploration

https://launcher-exploration.inrupt.app/

It uses acl:trustedApp

SAI

early playlist with demos https://www.youtube.com/watch?v=IXzdH1JqcOA&list=PLXBho_YohPB09B_ecOsABoI8Dc67v1H4O